Blame - servconf.c - platform/external/openssh

blob: 681878615a905bcc0bcc833617bfc785bdf54bd6 [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				3	* All rights reserved
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	4	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	5	* As far as I am concerned, the code I have written for this software
				6	* can be used freely for any purpose. Any derived versions of this
				7	* software must be clearly marked as such, and if the derived work is
				8	* incompatible with the protocol description in the RFC file, it must be
				9	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	10	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	11
				12	#include "includes.h"
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame^]	13	RCSID("$OpenBSD: servconf.c,v 1.72 2001/03/25 13:16:10 stevesk Exp $");
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	14
				15	#ifdef KRB4
				16	#include <krb.h>
				17	#endif
				18	#ifdef AFS
				19	#include <kafs.h>
				20	#endif
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	21
				22	#include "ssh.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	23	#include "log.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	24	#include "servconf.h"
				25	#include "xmalloc.h"
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	26	#include "compat.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	27	#include "pathnames.h"
				28	#include "tildexpand.h"
				29	#include "misc.h"
				30	#include "cipher.h"
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	31	#include "kex.h"
				32	#include "mac.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	33
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	34	/* add listen address */
				35	void add_listen_addr(ServerOptions options, char addr);
				36
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	37	/* AF_UNSPEC or AF_INET or AF_INET6 */
				38	extern int IPv4or6;
				39
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	40	/* Initializes the server options to their default values. */
				41
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	42	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	43	initialize_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	44	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	45	memset(options, 0, sizeof(*options));
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	46	options->num_ports = 0;
				47	options->ports_from_cmdline = 0;
				48	options->listen_addrs = NULL;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	49	options->num_host_key_files = 0;
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	50	options->pid_file = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	51	options->server_key_bits = -1;
				52	options->login_grace_time = -1;
				53	options->key_regeneration_time = -1;
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	54	options->permit_root_login = PERMIT_NOT_SET;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	55	options->ignore_rhosts = -1;
				56	options->ignore_user_known_hosts = -1;
				57	options->print_motd = -1;
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame^]	58	options->print_lastlog = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	59	options->check_mail = -1;
				60	options->x11_forwarding = -1;
				61	options->x11_display_offset = -1;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	62	options->xauth_location = NULL;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	63	options->strict_modes = -1;
				64	options->keepalives = -1;
				65	options->log_facility = (SyslogFacility) - 1;
				66	options->log_level = (LogLevel) - 1;
				67	options->rhosts_authentication = -1;
				68	options->rhosts_rsa_authentication = -1;
				69	options->rsa_authentication = -1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	70	options->pubkey_authentication = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	71	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	72	options->kerberos_authentication = -1;
				73	options->kerberos_or_local_passwd = -1;
				74	options->kerberos_ticket_cleanup = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	75	#endif
				76	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	77	options->kerberos_tgt_passing = -1;
				78	options->afs_token_passing = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	79	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	80	options->password_authentication = -1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	81	options->kbd_interactive_authentication = -1;
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	82	options->challenge_reponse_authentication = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	83	options->permit_empty_passwd = -1;
				84	options->use_login = -1;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	85	options->allow_tcp_forwarding = -1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	86	options->num_allow_users = 0;
				87	options->num_deny_users = 0;
				88	options->num_allow_groups = 0;
				89	options->num_deny_groups = 0;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	90	options->ciphers = NULL;
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	91	options->macs = NULL;
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	92	options->protocol = SSH_PROTO_UNKNOWN;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	93	options->gateway_ports = -1;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	94	options->num_subsystems = 0;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	95	options->max_startups_begin = -1;
				96	options->max_startups_rate = -1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	97	options->max_startups = -1;
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	98	options->banner = NULL;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	99	options->reverse_mapping_check = -1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	100	}
				101
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	102	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	103	fill_default_server_options(ServerOptions *options)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	104	{
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	105	if (options->protocol == SSH_PROTO_UNKNOWN)
				106	options->protocol = SSH_PROTO_1\|SSH_PROTO_2;
				107	if (options->num_host_key_files == 0) {
				108	/* fill default hostkeys for protocols */
				109	if (options->protocol & SSH_PROTO_1)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	110	options->host_key_files[options->num_host_key_files++] = _PATH_HOST_KEY_FILE;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	111	if (options->protocol & SSH_PROTO_2)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	112	options->host_key_files[options->num_host_key_files++] = _PATH_HOST_DSA_KEY_FILE;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	113	}
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	114	if (options->num_ports == 0)
				115	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
				116	if (options->listen_addrs == NULL)
				117	add_listen_addr(options, NULL);
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	118	if (options->pid_file == NULL)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	119	options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	120	if (options->server_key_bits == -1)
				121	options->server_key_bits = 768;
				122	if (options->login_grace_time == -1)
				123	options->login_grace_time = 600;
				124	if (options->key_regeneration_time == -1)
				125	options->key_regeneration_time = 3600;
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	126	if (options->permit_root_login == PERMIT_NOT_SET)
				127	options->permit_root_login = PERMIT_YES;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	128	if (options->ignore_rhosts == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	129	options->ignore_rhosts = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	130	if (options->ignore_user_known_hosts == -1)
				131	options->ignore_user_known_hosts = 0;
				132	if (options->check_mail == -1)
				133	options->check_mail = 0;
				134	if (options->print_motd == -1)
				135	options->print_motd = 1;
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame^]	136	if (options->print_lastlog == -1)
				137	options->print_lastlog = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	138	if (options->x11_forwarding == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	139	options->x11_forwarding = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	140	if (options->x11_display_offset == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	141	options->x11_display_offset = 10;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	142	#ifdef XAUTH_PATH
				143	if (options->xauth_location == NULL)
				144	options->xauth_location = XAUTH_PATH;
				145	#endif /* XAUTH_PATH */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	146	if (options->strict_modes == -1)
				147	options->strict_modes = 1;
				148	if (options->keepalives == -1)
				149	options->keepalives = 1;
				150	if (options->log_facility == (SyslogFacility) (-1))
				151	options->log_facility = SYSLOG_FACILITY_AUTH;
				152	if (options->log_level == (LogLevel) (-1))
Ben Lindstrom	db65e8f	2001-01-19 04:26:52 +0000	[diff] [blame]	153	options->log_level = SYSLOG_LEVEL_INFO;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	154	if (options->rhosts_authentication == -1)
				155	options->rhosts_authentication = 0;
				156	if (options->rhosts_rsa_authentication == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	157	options->rhosts_rsa_authentication = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	158	if (options->rsa_authentication == -1)
				159	options->rsa_authentication = 1;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	160	if (options->pubkey_authentication == -1)
				161	options->pubkey_authentication = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	162	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	163	if (options->kerberos_authentication == -1)
				164	options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
				165	if (options->kerberos_or_local_passwd == -1)
				166	options->kerberos_or_local_passwd = 1;
				167	if (options->kerberos_ticket_cleanup == -1)
				168	options->kerberos_ticket_cleanup = 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	169	#endif /* KRB4 */
				170	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	171	if (options->kerberos_tgt_passing == -1)
				172	options->kerberos_tgt_passing = 0;
				173	if (options->afs_token_passing == -1)
				174	options->afs_token_passing = k_hasafs();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	175	#endif /* AFS */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	176	if (options->password_authentication == -1)
				177	options->password_authentication = 1;
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	178	if (options->kbd_interactive_authentication == -1)
				179	options->kbd_interactive_authentication = 0;
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	180	if (options->challenge_reponse_authentication == -1)
				181	options->challenge_reponse_authentication = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	182	if (options->permit_empty_passwd == -1)
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	183	options->permit_empty_passwd = 0;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	184	if (options->use_login == -1)
				185	options->use_login = 0;
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	186	if (options->allow_tcp_forwarding == -1)
				187	options->allow_tcp_forwarding = 1;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	188	if (options->gateway_ports == -1)
				189	options->gateway_ports = 0;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	190	if (options->max_startups == -1)
				191	options->max_startups = 10;
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	192	if (options->max_startups_rate == -1)
				193	options->max_startups_rate = 100; /* 100% */
				194	if (options->max_startups_begin == -1)
				195	options->max_startups_begin = options->max_startups;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	196	if (options->reverse_mapping_check == -1)
				197	options->reverse_mapping_check = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	198	}
				199
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	200	/* Keyword tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	201	typedef enum {
				202	sBadOption, /* == unknown option */
				203	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
				204	sPermitRootLogin, sLogFacility, sLogLevel,
				205	sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	206	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	207	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	208	#endif
				209	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	210	sKerberosTgtPassing, sAFSTokenPassing,
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	211	#endif
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	212	sChallengeResponseAuthentication,
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	213	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame^]	214	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
				215	sX11Forwarding, sX11DisplayOffset,
Ben Lindstrom	d9cae22	2001-03-05 07:42:03 +0000	[diff] [blame]	216	sStrictModes, sEmptyPasswd, sKeepAlives, sCheckMail,
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	217	sUseLogin, sAllowTcpForwarding,
				218	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	219	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	220	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	221	sBanner, sReverseMappingCheck
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	222	} ServerOpCodes;
				223
				224	/* Textual representation of the tokens. */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	225	static struct {
				226	const char *name;
				227	ServerOpCodes opcode;
				228	} keywords[] = {
				229	{ "port", sPort },
				230	{ "hostkey", sHostKeyFile },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	231	{ "hostdsakey", sHostKeyFile }, /* alias */
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	232	{ "pidfile", sPidFile },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	233	{ "serverkeybits", sServerKeyBits },
				234	{ "logingracetime", sLoginGraceTime },
				235	{ "keyregenerationinterval", sKeyRegenerationTime },
				236	{ "permitrootlogin", sPermitRootLogin },
				237	{ "syslogfacility", sLogFacility },
				238	{ "loglevel", sLogLevel },
				239	{ "rhostsauthentication", sRhostsAuthentication },
				240	{ "rhostsrsaauthentication", sRhostsRSAAuthentication },
				241	{ "rsaauthentication", sRSAAuthentication },
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	242	{ "pubkeyauthentication", sPubkeyAuthentication },
				243	{ "dsaauthentication", sPubkeyAuthentication }, /* alias */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	244	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	245	{ "kerberosauthentication", sKerberosAuthentication },
				246	{ "kerberosorlocalpasswd", sKerberosOrLocalPasswd },
				247	{ "kerberosticketcleanup", sKerberosTicketCleanup },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	248	#endif
				249	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	250	{ "kerberostgtpassing", sKerberosTgtPassing },
				251	{ "afstokenpassing", sAFSTokenPassing },
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	252	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	253	{ "passwordauthentication", sPasswordAuthentication },
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	254	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	255	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
				256	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	257	{ "checkmail", sCheckMail },
				258	{ "listenaddress", sListenAddress },
				259	{ "printmotd", sPrintMotd },
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame^]	260	{ "printlastlog", sPrintLastLog },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	261	{ "ignorerhosts", sIgnoreRhosts },
				262	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts },
				263	{ "x11forwarding", sX11Forwarding },
				264	{ "x11displayoffset", sX11DisplayOffset },
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	265	{ "xauthlocation", sXAuthLocation },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	266	{ "strictmodes", sStrictModes },
				267	{ "permitemptypasswords", sEmptyPasswd },
				268	{ "uselogin", sUseLogin },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	269	{ "keepalive", sKeepAlives },
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	270	{ "allowtcpforwarding", sAllowTcpForwarding },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	271	{ "allowusers", sAllowUsers },
				272	{ "denyusers", sDenyUsers },
				273	{ "allowgroups", sAllowGroups },
				274	{ "denygroups", sDenyGroups },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	275	{ "ciphers", sCiphers },
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	276	{ "macs", sMacs },
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	277	{ "protocol", sProtocol },
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	278	{ "gatewayports", sGatewayPorts },
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	279	{ "subsystem", sSubsystem },
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	280	{ "maxstartups", sMaxStartups },
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	281	{ "banner", sBanner },
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	282	{ "reversemappingcheck", sReverseMappingCheck },
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	283	{ NULL, 0 }
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	284	};
				285
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	286	/*
				287	* Returns the number of the token pointed to by cp of length len. Never
				288	* returns if the token is not known.
				289	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	290
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	291	static ServerOpCodes
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	292	parse_token(const char cp, const char filename,
				293	int linenum)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	294	{
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	295	u_int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	296
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	297	for (i = 0; keywords[i].name; i++)
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	298	if (strcasecmp(cp, keywords[i].name) == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	299	return keywords[i].opcode;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	300
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	301	fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
				302	filename, linenum, cp);
				303	return sBadOption;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	304	}
				305
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	306	/*
				307	* add listen address
				308	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	309	void
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	310	add_listen_addr(ServerOptions options, char addr)
				311	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	312	struct addrinfo hints, ai, aitop;
				313	char strport[NI_MAXSERV];
				314	int gaierr;
				315	int i;
				316
				317	if (options->num_ports == 0)
				318	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
				319	for (i = 0; i < options->num_ports; i++) {
				320	memset(&hints, 0, sizeof(hints));
				321	hints.ai_family = IPv4or6;
				322	hints.ai_socktype = SOCK_STREAM;
				323	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
				324	snprintf(strport, sizeof strport, "%d", options->ports[i]);
				325	if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	326	fatal("bad addr or host: %s (%s)",
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	327	addr ? addr : "<NULL>",
				328	gai_strerror(gaierr));
				329	for (ai = aitop; ai->ai_next; ai = ai->ai_next)
				330	;
				331	ai->ai_next = options->listen_addrs;
				332	options->listen_addrs = aitop;
				333	}
				334	}
				335
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	336	/* Reads the server configuration file. */
				337
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	338	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	339	read_server_config(ServerOptions options, const char filename)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	340	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	341	FILE *f;
				342	char line[1024];
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	343	char cp, charptr, arg;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	344	int linenum, *intptr, value;
				345	int bad_options = 0;
				346	ServerOpCodes opcode;
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	347	int i;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	348
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	349	f = fopen(filename, "r");
				350	if (!f) {
				351	perror(filename);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	352	exit(1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	353	}
				354	linenum = 0;
				355	while (fgets(line, sizeof(line), f)) {
				356	linenum++;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	357	cp = line;
				358	arg = strdelim(&cp);
				359	/* Ignore leading whitespace */
				360	if (*arg == '\0')
				361	arg = strdelim(&cp);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	362	if (!arg \|\| !arg \|\| arg == '#')
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	363	continue;
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	364	intptr = NULL;
				365	charptr = NULL;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	366	opcode = parse_token(arg, filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	367	switch (opcode) {
				368	case sBadOption:
				369	bad_options++;
				370	continue;
				371	case sPort:
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	372	/* ignore ports from configfile if cmdline specifies ports */
				373	if (options->ports_from_cmdline)
				374	continue;
				375	if (options->listen_addrs != NULL)
				376	fatal("%s line %d: ports must be specified before "
				377	"ListenAdress.\n", filename, linenum);
				378	if (options->num_ports >= MAX_PORTS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	379	fatal("%s line %d: too many ports.",
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	380	filename, linenum);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	381	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	382	if (!arg \|\| *arg == '\0')
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	383	fatal("%s line %d: missing port number.",
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	384	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	385	options->ports[options->num_ports++] = atoi(arg);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	386	break;
				387
				388	case sServerKeyBits:
				389	intptr = &options->server_key_bits;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	390	parse_int:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	391	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	392	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	393	fprintf(stderr, "%s line %d: missing integer value.\n",
				394	filename, linenum);
				395	exit(1);
				396	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	397	value = atoi(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	398	if (*intptr == -1)
				399	*intptr = value;
				400	break;
Damien Miller	3226509	1999-11-12 11:33:04 +1100	[diff] [blame]	401
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	402	case sLoginGraceTime:
				403	intptr = &options->login_grace_time;
				404	goto parse_int;
				405
				406	case sKeyRegenerationTime:
				407	intptr = &options->key_regeneration_time;
				408	goto parse_int;
				409
				410	case sListenAddress:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	411	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	412	if (!arg \|\| *arg == '\0')
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	413	fatal("%s line %d: missing inet addr.",
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	414	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	415	add_listen_addr(options, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	416	break;
				417
				418	case sHostKeyFile:
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	419	intptr = &options->num_host_key_files;
				420	if (*intptr >= MAX_HOSTKEYS) {
Ben Lindstrom	33a3cc3	2001-03-05 05:07:52 +0000	[diff] [blame]	421	fprintf(stderr,
				422	"%s line %d: too many host keys specified (max %d).\n",
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	423	filename, linenum, MAX_HOSTKEYS);
				424	exit(1);
				425	}
				426	charptr = &options->host_key_files[*intptr];
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	427	parse_filename:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	428	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	429	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	430	fprintf(stderr, "%s line %d: missing file name.\n",
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	431	filename, linenum);
				432	exit(1);
				433	}
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	434	if (*charptr == NULL) {
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	435	*charptr = tilde_expand_filename(arg, getuid());
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	436	/* increase optional counter */
				437	if (intptr != NULL)
				438	intptr = intptr + 1;
				439	}
Damien Miller	6f83b8e	2000-05-02 09:23:45 +1000	[diff] [blame]	440	break;
				441
				442	case sPidFile:
				443	charptr = &options->pid_file;
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	444	goto parse_filename;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	445
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	446	case sPermitRootLogin:
				447	intptr = &options->permit_root_login;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	448	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	449	if (!arg \|\| *arg == '\0') {
Ben Lindstrom	35f1f4e	2001-03-06 01:02:41 +0000	[diff] [blame]	450	fprintf(stderr, "%s line %d: missing yes/"
				451	"without-password/forced-commands-only/no "
				452	"argument.\n", filename, linenum);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	453	exit(1);
				454	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	455	if (strcmp(arg, "without-password") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	456	value = PERMIT_NO_PASSWD;
				457	else if (strcmp(arg, "forced-commands-only") == 0)
				458	value = PERMIT_FORCED_ONLY;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	459	else if (strcmp(arg, "yes") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	460	value = PERMIT_YES;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	461	else if (strcmp(arg, "no") == 0)
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	462	value = PERMIT_NO;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	463	else {
Ben Lindstrom	d8a9021	2001-02-15 03:08:27 +0000	[diff] [blame]	464	fprintf(stderr, "%s line %d: Bad yes/"
				465	"without-password/forced-commands-only/no "
				466	"argument: %s\n", filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	467	exit(1);
				468	}
				469	if (*intptr == -1)
				470	*intptr = value;
				471	break;
				472
				473	case sIgnoreRhosts:
				474	intptr = &options->ignore_rhosts;
				475	parse_flag:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	476	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	477	if (!arg \|\| *arg == '\0') {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	478	fprintf(stderr, "%s line %d: missing yes/no argument.\n",
				479	filename, linenum);
				480	exit(1);
				481	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	482	if (strcmp(arg, "yes") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	483	value = 1;
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	484	else if (strcmp(arg, "no") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	485	value = 0;
				486	else {
				487	fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	488	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	489	exit(1);
				490	}
				491	if (*intptr == -1)
				492	*intptr = value;
				493	break;
				494
				495	case sIgnoreUserKnownHosts:
				496	intptr = &options->ignore_user_known_hosts;
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	497	goto parse_flag;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	498
				499	case sRhostsAuthentication:
				500	intptr = &options->rhosts_authentication;
				501	goto parse_flag;
				502
				503	case sRhostsRSAAuthentication:
				504	intptr = &options->rhosts_rsa_authentication;
				505	goto parse_flag;
				506
				507	case sRSAAuthentication:
				508	intptr = &options->rsa_authentication;
				509	goto parse_flag;
				510
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	511	case sPubkeyAuthentication:
				512	intptr = &options->pubkey_authentication;
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	513	goto parse_flag;
				514
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	515	#ifdef KRB4
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	516	case sKerberosAuthentication:
				517	intptr = &options->kerberos_authentication;
				518	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	519
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	520	case sKerberosOrLocalPasswd:
				521	intptr = &options->kerberos_or_local_passwd;
				522	goto parse_flag;
				523
				524	case sKerberosTicketCleanup:
				525	intptr = &options->kerberos_ticket_cleanup;
				526	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	527	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	528
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	529	#ifdef AFS
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	530	case sKerberosTgtPassing:
				531	intptr = &options->kerberos_tgt_passing;
				532	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	533
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	534	case sAFSTokenPassing:
				535	intptr = &options->afs_token_passing;
				536	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	537	#endif
				538
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	539	case sPasswordAuthentication:
				540	intptr = &options->password_authentication;
				541	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	542
Damien Miller	874d77b	2000-10-14 16:23:11 +1100	[diff] [blame]	543	case sKbdInteractiveAuthentication:
				544	intptr = &options->kbd_interactive_authentication;
				545	goto parse_flag;
				546
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	547	case sCheckMail:
				548	intptr = &options->check_mail;
				549	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	550
Ben Lindstrom	95fb2dd	2001-01-23 03:12:10 +0000	[diff] [blame]	551	case sChallengeResponseAuthentication:
				552	intptr = &options->challenge_reponse_authentication;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	553	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	554
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	555	case sPrintMotd:
				556	intptr = &options->print_motd;
				557	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	558
Ben Lindstrom	7bfff36	2001-03-26 05:45:53 +0000	[diff] [blame^]	559	case sPrintLastLog:
				560	intptr = &options->print_lastlog;
				561	goto parse_flag;
				562
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	563	case sX11Forwarding:
				564	intptr = &options->x11_forwarding;
				565	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	566
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	567	case sX11DisplayOffset:
				568	intptr = &options->x11_display_offset;
				569	goto parse_int;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	570
Damien Miller	d3a1857	2000-06-07 19:55:44 +1000	[diff] [blame]	571	case sXAuthLocation:
				572	charptr = &options->xauth_location;
				573	goto parse_filename;
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	574
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	575	case sStrictModes:
				576	intptr = &options->strict_modes;
				577	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	578
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	579	case sKeepAlives:
				580	intptr = &options->keepalives;
				581	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	582
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	583	case sEmptyPasswd:
				584	intptr = &options->permit_empty_passwd;
				585	goto parse_flag;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	586
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	587	case sUseLogin:
				588	intptr = &options->use_login;
				589	goto parse_flag;
Damien Miller	5ce662a	1999-11-11 17:57:39 +1100	[diff] [blame]	590
Damien Miller	e247cc4	2000-05-07 12:03:14 +1000	[diff] [blame]	591	case sGatewayPorts:
				592	intptr = &options->gateway_ports;
				593	goto parse_flag;
				594
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	595	case sReverseMappingCheck:
				596	intptr = &options->reverse_mapping_check;
				597	goto parse_flag;
				598
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	599	case sLogFacility:
				600	intptr = (int *) &options->log_facility;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	601	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	602	value = log_facility_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	603	if (value == (SyslogFacility) - 1)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	604	fatal("%.200s line %d: unsupported log facility '%s'",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	605	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	606	if (*intptr == -1)
				607	*intptr = (SyslogFacility) value;
				608	break;
				609
				610	case sLogLevel:
				611	intptr = (int *) &options->log_level;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	612	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	613	value = log_level_number(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	614	if (value == (LogLevel) - 1)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	615	fatal("%.200s line %d: unsupported log level '%s'",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	616	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	617	if (*intptr == -1)
				618	*intptr = (LogLevel) value;
				619	break;
				620
Damien Miller	50a41ed	2000-10-16 12:14:42 +1100	[diff] [blame]	621	case sAllowTcpForwarding:
				622	intptr = &options->allow_tcp_forwarding;
				623	goto parse_flag;
				624
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	625	case sAllowUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	626	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	627	if (options->num_allow_users >= MAX_ALLOW_USERS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	628	fatal("%s line %d: too many allow users.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	629	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	630	options->allow_users[options->num_allow_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	631	}
				632	break;
				633
				634	case sDenyUsers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	635	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	636	if (options->num_deny_users >= MAX_DENY_USERS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	637	fatal( "%s line %d: too many deny users.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	638	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	639	options->deny_users[options->num_deny_users++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	640	}
				641	break;
				642
				643	case sAllowGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	644	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	645	if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	646	fatal("%s line %d: too many allow groups.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	647	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	648	options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	649	}
				650	break;
				651
				652	case sDenyGroups:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	653	while ((arg = strdelim(&cp)) && *arg != '\0') {
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	654	if (options->num_deny_groups >= MAX_DENY_GROUPS)
Ben Lindstrom	6df8ef4	2001-03-05 07:47:23 +0000	[diff] [blame]	655	fatal("%s line %d: too many deny groups.",
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	656	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	657	options->deny_groups[options->num_deny_groups++] = xstrdup(arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	658	}
				659	break;
				660
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	661	case sCiphers:
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	662	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	663	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	664	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	665	if (!ciphers_valid(arg))
Damien Miller	30c3d42	2000-05-09 11:02:59 +1000	[diff] [blame]	666	fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	667	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	668	if (options->ciphers == NULL)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	669	options->ciphers = xstrdup(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	670	break;
				671
Ben Lindstrom	06b33aa	2001-02-15 03:01:59 +0000	[diff] [blame]	672	case sMacs:
				673	arg = strdelim(&cp);
				674	if (!arg \|\| *arg == '\0')
				675	fatal("%s line %d: Missing argument.", filename, linenum);
				676	if (!mac_valid(arg))
				677	fatal("%s line %d: Bad SSH2 mac spec '%s'.",
				678	filename, linenum, arg ? arg : "<NONE>");
				679	if (options->macs == NULL)
				680	options->macs = xstrdup(arg);
				681	break;
				682
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	683	case sProtocol:
				684	intptr = &options->protocol;
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	685	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	686	if (!arg \|\| *arg == '\0')
Damien Miller	b1715dc	2000-05-30 13:44:51 +1000	[diff] [blame]	687	fatal("%s line %d: Missing argument.", filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	688	value = proto_spec(arg);
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	689	if (value == SSH_PROTO_UNKNOWN)
				690	fatal("%s line %d: Bad protocol spec '%s'.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	691	filename, linenum, arg ? arg : "<NONE>");
Damien Miller	7892879	2000-04-12 20:17:38 +1000	[diff] [blame]	692	if (*intptr == SSH_PROTO_UNKNOWN)
				693	*intptr = value;
				694	break;
				695
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	696	case sSubsystem:
				697	if(options->num_subsystems >= MAX_SUBSYSTEMS) {
				698	fatal("%s line %d: too many subsystems defined.",
				699	filename, linenum);
				700	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	701	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	702	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	703	fatal("%s line %d: Missing subsystem name.",
				704	filename, linenum);
				705	for (i = 0; i < options->num_subsystems; i++)
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	706	if(strcmp(arg, options->subsystem_name[i]) == 0)
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	707	fatal("%s line %d: Subsystem '%s' already defined.",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	708	filename, linenum, arg);
				709	options->subsystem_name[options->num_subsystems] = xstrdup(arg);
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	710	arg = strdelim(&cp);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	711	if (!arg \|\| *arg == '\0')
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	712	fatal("%s line %d: Missing subsystem command.",
				713	filename, linenum);
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	714	options->subsystem_command[options->num_subsystems] = xstrdup(arg);
Damien Miller	f6d9e22	2000-06-18 14:50:44 +1000	[diff] [blame]	715	options->num_subsystems++;
				716	break;
				717
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	718	case sMaxStartups:
Damien Miller	942da03	2000-08-18 13:59:06 +1000	[diff] [blame]	719	arg = strdelim(&cp);
				720	if (!arg \|\| *arg == '\0')
				721	fatal("%s line %d: Missing MaxStartups spec.",
				722	filename, linenum);
				723	if (sscanf(arg, "%d:%d:%d",
				724	&options->max_startups_begin,
				725	&options->max_startups_rate,
				726	&options->max_startups) == 3) {
				727	if (options->max_startups_begin >
				728	options->max_startups \|\|
				729	options->max_startups_rate > 100 \|\|
				730	options->max_startups_rate < 1)
				731	fatal("%s line %d: Illegal MaxStartups spec.",
				732	filename, linenum);
				733	break;
				734	}
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	735	intptr = &options->max_startups;
				736	goto parse_int;
				737
Ben Lindstrom	48bd7c1	2001-01-09 00:35:42 +0000	[diff] [blame]	738	case sBanner:
				739	charptr = &options->banner;
				740	goto parse_filename;
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	741
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	742	default:
				743	fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	744	filename, linenum, arg, opcode);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	745	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	746	}
Damien Miller	be484b5	2000-07-15 14:14:16 +1000	[diff] [blame]	747	if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	748	fprintf(stderr,
Damien Miller	3702396	2000-07-11 17:31:38 +1000	[diff] [blame]	749	"%s line %d: garbage at end of line; \"%.200s\".\n",
				750	filename, linenum, arg);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	751	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	752	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	753	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	754	fclose(f);
				755	if (bad_options > 0) {
				756	fprintf(stderr, "%s: terminating, %d bad configuration options\n",
				757	filename, bad_options);
				758	exit(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	759	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	760	}